Data stolen in MOVEit breach leaked by notorious ransomware gang
Clop is taking the next step to threaten victims
A top cybersecurity analyst and security researcher has claimed the Clop ransomware gang responsible for the MOVEit attacks is ramping up its threats in the hope to get victims to pay up.
Dominic Alvieri discovered on July 22 that the Russian ransomware group had created a clearnet domain designed to distribute stolen data from one of its targets, professional services giant Ernst & Young, posting a screenshot of the dotcom website to Twitter.
Ernst & Young, trading as EY, had been notified via Tweets and direct messages from Alvieri, but it’s uncertain whether the company has responded.
Clop threatens to leak MOVEit data
The analyst and researcher also reached out to BleepingComputer, informing the publication that the ransomware group’s first target was business consulting firm PWC.
In addition to EY and PWC, BleepingComputer reports that websites had also been created for Aon, Kirkland, and TD Ameritrade.
Typically, data leaks are hosted on the Tor network thanks to the additional anonymity and difficulty relating to how enforcement bodies can remove the pages. Instead, Clop is threatening to leak MOVEit breach data on the regular Internet, hence Alvieri’s ‘dotcom’ comment.
Because of the nature of clearnet domains, websites are at a much higher risk of being taken down, which has been true in the case of Clop, though it’s unclear whether enforcement agencies or hosting providers are responsible for their takedown.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Similarly, BleepingComputer suggests that cybersecurity firms could have launched their own DDoS attacks in an effort to protect victims.
According to Coveware, the small number of Clop’s estimated 1,000 direct targets that are likely to pay - or have already paid - ransoms could see the Russian group earn $75-100 million from MOVEit-linked demands alone.
- Check out the best endpoint protection
Via BleepingComputer
With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!